49381 |
2020-06-30 10:57
|
https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed |
2
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
cdn1.estsecurity.com(52.85.230.29) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 52.184.220.162 52.85.230.35
|
|
|
4.6 |
|
1 |
49382 |
2020-06-30 10:55
|
wdfr.exe b6fb3e01b32130297ac61b8c33f3bdde VirusTotal Malware |
|
|
|
|
1.6 |
|
27 |
49383 |
2020-06-30 10:55
|
https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed |
2
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
cdn1.estsecurity.com(52.85.230.29) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 52.184.220.162 52.85.230.35
|
|
|
4.6 |
|
1 |
49384 |
2020-06-30 10:53
|
https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed |
2
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
cdn1.estsecurity.com(52.85.230.29) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 52.184.220.162 52.85.230.35
|
|
|
4.6 |
|
1 |
49385 |
2020-06-30 10:51
|
https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed |
2
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
cdn1.estsecurity.com(52.85.230.29) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 52.184.220.162 52.85.230.35
|
|
|
4.6 |
|
1 |
49386 |
2020-06-30 10:45
|
https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed |
2
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
cdn1.estsecurity.com(52.85.230.29) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 52.184.220.162 52.85.230.35
|
|
|
4.6 |
|
1 |
49387 |
2020-06-30 10:42
|
http://uniengrisb.com/img/rt.m... df0cd6ac04f08a3c46546bc238dbacb1 VirusTotal Malware Code Injection Creates executable files exploit crash unpack itself Windows utilities Windows Exploit crashed |
4
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://uniengrisb.com/img/rt.msi https://uniengrisb.com/img/rt.msi https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
uniengrisb.com(203.124.44.126) watson.microsoft.com(52.158.209.219) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 203.124.44.126 52.184.220.162
|
|
|
4.6 |
M |
5 |
49388 |
2020-06-30 10:42
|
https://cdn1.estsecurity.com/s... cd9ad65c40a534893b7cd9ee0c4685ea Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed |
2
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
cdn1.estsecurity.com(52.85.230.29) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 52.184.220.162 52.85.230.35
|
|
|
4.6 |
|
|
49389 |
2020-06-30 10:39
|
https://cdn1.estsecurity.com/s... f809c38f0febca37c04811e2dc51ff8e Code Injection Creates executable files exploit crash unpack itself Windows utilities AppData folder Windows Exploit crashed |
2
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
6
cdn1.estsecurity.com(52.85.230.29) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 52.184.220.162 52.85.230.35
|
|
|
4.6 |
|
1 |
49390 |
2020-06-30 10:25
|
http://www.nalara1220.o-r.kr/x... b8f26033be6948c20021fe45188f9c70 Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed |
8
http://www.nalara1220.o-r.kr/xss.jsp http://www.nalara1220.o-r.kr/%3C http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/alert(1); https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/alert(1); https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
8
www.nalara1220.o-r.kr(35.226.40.154) iecvlist.microsoft.com(117.18.232.200) watson.microsoft.com(52.158.209.219) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 35.226.40.154 52.184.220.162 8.8.4.4
|
|
|
5.0 |
|
|
49391 |
2020-06-30 10:19
|
http://www.nalara1220.o-r.kr/x... 128e5767e89d3c6af1b1076d6bfc48e8 Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed |
8
http://www.nalara1220.o-r.kr/%3C http://www.nalara1220.o-r.kr/xss.jsp http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml http://www.nalara1220.o-r.kr/favicon.ico https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
7
www.nalara1220.o-r.kr(35.226.40.154) watson.microsoft.com(51.143.111.81) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 35.226.40.154 52.184.220.162 8.8.4.4
|
|
|
4.2 |
|
|
49392 |
2020-06-30 10:04
|
http://www.nalara1220.o-r.kr/x... 128e5767e89d3c6af1b1076d6bfc48e8 Code Injection ICMP traffic RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit crashed |
8
http://www.nalara1220.o-r.kr/favicon.ico http://www.nalara1220.o-r.kr/xss.jsp http://www.nalara1220.o-r.kr/%3C http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml https://www.nalara1220.o-r.kr/xss.jsp https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/%3C https://www.nalara1220.o-r.kr/favicon.ico https://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
|
7
www.nalara1220.o-r.kr(35.226.40.154) watson.microsoft.com(52.158.209.219) ie9cvlist.ie.microsoft.com(117.18.232.200) 117.18.232.200 35.226.40.154 52.158.209.219 8.8.4.4
|
|
|
5.0 |
|
|
49393 |
2020-06-30 10:01
|
http://192.168.37.135/test.htm... Code Injection RWX flags setting unpack itself Windows utilities Windows |
|
|
|
|
3.2 |
|
|
49394 |
2020-06-30 09:30
|
http://192.168.37.135/test.htm... Code Injection RWX flags setting unpack itself Windows utilities Windows |
|
|
|
|
3.2 |
|
|
49395 |
2020-06-30 09:21
|
asdfg.exe b726f090cc523eaa9861ca0c9a748493 Browser Info Stealer VirusTotal Email Client Info Stealer Malware Cryptocurrency wallets Cryptocurrency suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted WMI Creates executable files unpack itself Windows utilities Collect installed applications Check virtual network interfaces suspicious process AppData folder malicious URLs WriteConsoleW anti-virtualization installed browsers check Windows Browser Email ComputerName |
20
http://ademg.ug/msvcp140.dll http://ademg.ug/main.php http://ademg.ug/sqlite3.dll http://ademg.ug/nss3.dll http://ademg.ug/ http://ademg.ug/vcruntime140.dll http://ademg.ug/mozglue.dll http://ademg.ug/softokn3.dll http://ademg.ug/freebl3.dll http://gadem.ug/az2.exe https://gadem.ug/az2.exe https://ademg.ug/softokn3.dll https://ademg.ug/sqlite3.dll https://ademg.ug/freebl3.dll https://ademg.ug/mozglue.dll https://ademg.ug/msvcp140.dll https://ademg.ug/nss3.dll https://ademg.ug/vcruntime140.dll https://ademg.ug/main.php https://ademg.ug/
|
3
gadem.ug(217.8.117.45) ademg.ug(217.8.117.45) 217.8.117.45
|
|
|
18.4 |
|
44 |